CVE-2023-52500: scsi: pm80xx: Avoid leaking tags when processing OPC_INB_SET_CONTROLLER_CONFIG command
Description
In the Linux kernel, the following vulnerability has been resolved:
scsi: pm80xx: Avoid leaking tags when processing OPC_INB_SET_CONTROLLER_CONFIG command
Tags allocated for OPC_INB_SET_CONTROLLER_CONFIG command need to be freed
when we receive the response.
Classification
CVE ID: CVE-2023-52500
Affected Products
Vendor: Linux
Product: Linux
Exploit Prediction Scoring System (EPSS)
EPSS Score: 0.05% (probability of being exploited)
EPSS Percentile: 17.83% (scored less or equal to compared to others)
EPSS Date: 2025-02-04 (when was this score calculated)
References
https://git.kernel.org/stable/c/2afd8fcee0c4d65a482e30c3ad2a92c25e5e92d4https://git.kernel.org/stable/c/d540a4370aba378fbedf349ba0bb68e96e24243d
https://git.kernel.org/stable/c/2259e1901b2d8c0e8538fc99e77de443b939e749
https://git.kernel.org/stable/c/22e6d783a33015bcdf0979015e4eac603912bea7
https://git.kernel.org/stable/c/c13e7331745852d0dd7c35eabbe181cbd5b01172